I just installed the new version of backtrack, I was using slackware before ...

I'm missing some stuff like fragrouter ...

also ... arpspoof does not work

and I seemed to be completely lost in sniffing a switched network

I use

ettercap -Tq -M arp /192.168.101/ /192.168.1.1/ -i ath0

but I don't see any traffic , althow i'm surfing the other laptop

So actually what i'm asking is .... is there an up-to-date tutorial/howto on sniffing with the new backtrack, also using arpspoofing ?

regards

03-11-2007, 11:20 AM

on3qrt

Hello guys ...

Im still fighting with this issue.
I used ettercap from the shell, I used ettercap from the gui ... but I can't sniff

router : 192.168.2.1
victim : 192.168.2.100
me : 192.168.2.102

no WEP encryption ( to make it easy )

I'm actually trying to sniff wireless with msgsnarf and urlsnarf and some others.
but when I sniff there is nothing appearing in the shells where the tools are running.
when I browse and use msn on the local laptop, all is appearing in the sniffing shells.

Do I need to change something ? is arp poisening not working ?
do I need to change etter.dns ??

please help me

Regards

03-13-2007, 05:40 AM

on3qrt

Hello again ....

I changed etter.dns to my IP address and started ettercap in the gui version.
selected unified sniffing, scanned for hosts, slelected MITM, and then it says arp-poisning ANY--> ANY, then I start the sniffer.

not much happens....

I start URLSnarf,MSGSnarf,Dsnif and all other fancy handy tools

not much happens

then I wait, and I see a little activity in the URLSnarf, and thats it ...
nothing more nothing less

although I'm surfing and chatting and entering password on the other system like crazy ...

what is wrong ? what I'm doing wrong ?

btw ... I'm using an Ubiquiti 300mW PCMCIA card with the atheros chipset